Re: FIPS mode with OpenSSL 0.9.8?

2005-07-22 Thread Dr. Stephen Henson
On Fri, Jul 22, 2005, Naomaru Itoi wrote: > Thank you for the information, Steve. > > Could you please further clarify the state of FIPS support, especially > ANSI X9.31 PRNG, in OpenSSL 0.9.8? Does the fact that "fips" > directory disappeared from 0.9.8 mean it was scratched? If it was, is >

Re: CRL verification question ...

2005-07-22 Thread Dr. Stephen Henson
On Fri, Jul 22, 2005, David Brock wrote: > I think this question got lost in the shuffle. I am confused as to how > to check the update time of the CRL (if the CRL has expired). Does this > check happen in X509_CRL_verify(), or is there another way to do it? > I've got a CRL that has an update

Re: FIPS mode with OpenSSL 0.9.8?

2005-07-22 Thread Naomaru Itoi
Thank you for the information, Steve. Could you please further clarify the state of FIPS support, especially ANSI X9.31 PRNG, in OpenSSL 0.9.8? Does the fact that "fips" directory disappeared from 0.9.8 mean it was scratched? If it was, is there any plan on putting it back? Or must we keep usi

REPOST: Signing a CSR with Microsoft CA

2005-07-22 Thread Dave Morrow
I've received absolutely no replies to this post, so I figured I would re-post……someone MUST have experienced this before……. I am attempting to sign an OpenSSL generated CSR with Microsoft Certification Authority. I generated the CSR using t

CRL verification question ...

2005-07-22 Thread David Brock
I think this question got lost in the shuffle. I am confused as to how to check the update time of the CRL (if the CRL has expired). Does this check happen in X509_CRL_verify(), or is there another way to do it? I've got a CRL that has an update time set to 7 days, but the verification is still

Re: FIPS mode with OpenSSL 0.9.8?

2005-07-22 Thread Dr. Stephen Henson
On Fri, Jul 22, 2005, Thomas J. Hruska wrote: > Naomaru Itoi wrote: > >Hello, > > > >Please excuse me for the cross post between the ML and the news group. > > > >I am interested in using FIPS recommended functionality in OpenSSL, > >e.g., ANSI X9.31 pseudo random number generator. In OpenSSL 0

Re: FIPS mode with OpenSSL 0.9.8?

2005-07-22 Thread Thomas J. Hruska
Naomaru Itoi wrote: Hello, Please excuse me for the cross post between the ML and the news group. I am interested in using FIPS recommended functionality in OpenSSL, e.g., ANSI X9.31 pseudo random number generator. In OpenSSL 0.9.7g, I can see a directory "fips" at the top of the source tre

FIPS mode with OpenSSL 0.9.8?

2005-07-22 Thread Naomaru Itoi
Hello, Please excuse me for the cross post between the ML and the news group. I am interested in using FIPS recommended functionality in OpenSSL, e.g., ANSI X9.31 pseudo random number generator. In OpenSSL 0.9.7g, I can see a directory "fips" at the top of the source tree and FIPS related func

Re: When was certificate used for the last time

2005-07-22 Thread Bernhard Froehlich
Milan Zmarzlák wrote: Hi, I am using openssl 0.9.6b, Apache with ssl mode and too many users who have a certificate. They use that for access to https pages. Some users left our firm and I don't know about that so I can not revoke his certificate. Is there some chance to get to know, when user us

Re: Strange error when I read a certificate: Probably cause.

2005-07-22 Thread Nils Larsch
Angel Martinez Gonzalez wrote: Hello: About the error when I read a certificate, I think that the problem is that the read certificate is encoded in binary DER, and the function "PEM_read_X509" needs the certificate to be encoded in base 64. Is this correct? If I am right, how I can read

When was certificate used for the last time

2005-07-22 Thread Milan Zmarzlák
Hi, I am using openssl 0.9.6b, Apache with ssl mode and too many users who have a certificate. They use that for access to https pages. Some users left our firm and I don't know about that so I can not revoke his certificate. Is there some chance to get to know, when user use his certificate for the

Re: How to get extension names from certificate?

2005-07-22 Thread Arsen Hayrapetyan
Thank you for the response. The function OBJ_obj2txt () expects the buffer length as a second argument. Is it possible to determine the length of an extension from given certificate to pass it to that function? Arsen. Dr. Stephen Henson wrote: On Fri, Jul 22, 2005, Arsen Hayrapetyan wrote: H

Re: How to get extension names from certificate?

2005-07-22 Thread Dr. Stephen Henson
On Fri, Jul 22, 2005, Arsen Hayrapetyan wrote: > Hello, > > I have a certificate in a X509 structure pointed by "cert" pointer > (X509* cert =...). > I've got a number of used extensions with X509_get_ext_count and values > of extensions (one by one) with > X509_get_ext. The problem is that I c

How to get extension names from certificate?

2005-07-22 Thread Arsen Hayrapetyan
Hello, I have a certificate in a X509 structure pointed by "cert" pointer (X509* cert =...). I've got a number of used extensions with X509_get_ext_count and values of extensions (one by one) with X509_get_ext. The problem is that I can't get the names of those extensions, I obtain only values.

Strange error when I read a certificate: Probably cause.

2005-07-22 Thread Angel Martinez Gonzalez
Hello: About the error when I read a certificate, I think that the problem is that the read certificate is encoded in binary DER, and the function "PEM_read_X509" needs the certificate to be encoded in base 64. Is this correct? If I am right, how can I read that certificate in binary DER?,

Strange error when I read a certificate

2005-07-22 Thread Angel Martinez Gonzalez
Hello: I want to read a certificate, and I use the function "PEM_read_X509". Then, I get the serial number and the subject name. I have done it with success reading a certain certificate, but when I read another certificate I get a read error. And this certificate is OK. Both certificates are i

Re: Get public key from X509 certificate

2005-07-22 Thread Nils Larsch
Angel Martinez Gonzalez wrote: Hello: I want to get the RSA public key from a X509 certificate. Is there some function to do this? I know this function: EVP_PKEY *X509_get_pubkey(cert) But I want to obtain an RSA *. what about EVP_PKEY_get1_RSA ? Nils

Get public key from X509 certificate

2005-07-22 Thread Angel Martinez Gonzalez
Hello: I want to get the RSA public key from a X509 certificate. Is there some function to do this? I know this function: EVP_PKEY *X509_get_pubkey(cert) But I want to obtain an RSA *. Thanks

RE: d2i_RSAPublicKey doesn't work

2005-07-22 Thread Frédéric Donnat
Hi, According to the man page, d2i_xx method is able to allocate memory for you. d2i_PUBKEY_xxx If you are using OpenSSL 0.9.7 or later then this can be simplified to: int len; unsigned char *buf; buf = NULL; len = i2d_X509(x, &buf); if (len < 0)